Telephony Fraud Protection Target Matching Rules

When matching a call to an entry on a telephony fraud protection list, the Oracle® Enterprise Session Border Controller (E-SBC) performs the matching only on the ingress leg of the initial INVITE. In the initial INVITE, the E-SBC uses the From, To, and User-Agent headers for matching. Because you can place a phone number on multiple lists in the same source file, the E-SBC uses the following evaluation hierarchy to determine which number takes precedence:
  1. Longest match—The most specific entry takes precedence. For example, when 555-123-4000 is blacklisted and 555-123-* is white listed, the system blocks the call from 555-123-4000 because it is the longest match.
  2. Destination—When the system detects matches in both the SIP From header and the SIP To header, the match for the To header takes precedence.
  3. URI—When the system detects matches in both the USER and Host parts of a SIP URI, the match for the USER part takes precedence.
  4. SIP User-Agent header—Lowest priority. When nothing else matches, and there is a match for the User-Agent field, the E-SBC acts as instructed.
  5. Multiple instances—When the system detects multiple instances of the same match length, or when the target resides in multiple lists, the system uses the following order of precedence:

    1. White list—Entries on the white list take precedence with no restrictions. For example, when 555-123-4567 is on both the blacklist and the white list, the system allows this call because the number is on the white list.

    2. Blacklist

    3. Redirect

    4. Rate limiting

Note:

The telephony fraud protection feature does not affect emergency calls.

The telephony fraud protection feature uses source or destination IP, source or destination name or phone number, and caller user-agent to identify a caller. The system enforces the following rules for formatting entries on a fraud protection list:

Hostname

Format: Enter the exact IP address or FQDN.

User name

Format: Enter the exact user name. For example: joe.user or joe_user.

User-Agent-Header

The User-Agent header text in the INVITE message from the first call leg. This text usually contains the brand and firmware version of the SIP device making the call. For example, sipcli/v1.8, Asterisk PBX 1.6.026-FONCORE-r78.

Format: Enter the exact text.

Phone Number

Format: Enter the exact number or a partial number using the following characters to increase the scope of the matches.

Character Description
Asterisk * Use to indicate prefix matching, but only at the end of the pattern. For example, use 555* not *555. Do not use * in any other patterns, for example, in brackets [ ], parentheses ( ), or with an x.
Brackets [ ] Use to enclose ranges in a pattern. Syntax: [min-max]. For example: 555 [0000-9999].
The system considers 8[1-20]9 and 8[01-20]9 to contain the same number of characters because the leading 0 is implied. The system strictly enforces this pattern with respect to the range and the number of characters, as follows:
  • 8019 matches
  • 819 does not match
  • 8119 matches
Character x Use as a wildcard a the end of a dial pattern to mean 0-9. For example: 555xxx means match a number starting with 555 followed by 3 digits from 0-9.
Parentheses ( ) Use to enclose optional digits in a pattern. For example: 555xx(xxxx) means match a number starting with 555 plus a minimum of 2 digits, and optionally up to 4 more digits.
Previous
Previous 		Next
Next
Go To Table Of Contents
Contents